<?php
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//
// DLMan by Shedd Technologies International		  				//
// http://www.dlman.com | info@dlman.com							//
// Copyright 2003 by STI, All rights reserved.						//
// ---------------------------------------------------------------- //
// Usage of this software is governed by the terms of GPL. 	    	//
//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//

require_once("../global.php");
require_once("../config.php");
session_save_path($sspath);
if(session_id())//SID changed to session_id()
	session_start(session_id());//SID changed to session_id()
else
	session_start();

$redir="<script language=\"javascript\">window.location=\"index.php\";</script>\n";

//verify authentication
if(!verify($HTTP_SESSION_VARS["Suser"],$HTTP_SESSION_VARS["Spass"])){
	die("Invalid Authentication!$redir");
}
/*
$sql="SELECT ".$config->field['username'].",".$config->field['password']." FROM ".$config->dt['user']." WHERE ".$config->field['username']."='$Suser'";
$r=mysql_query($sql);
while ($row = @mysql_fetch_array($r)){
    if(strtolower($Suser) == strtolower($row[$config->field['username']]) && $Spass == $row[$config->field['password']]){
        //return true;
        //exit();
    }
	else{
		//return false;
		die("Invalid Authentication!$redir");
		exit();
	}
}//end while
*/
//verify that user is an admin
$sql="SELECT * FROM ".$config->dt['user']." WHERE ".$config->field['username']."='".$HTTP_SESSION_VARS["Suser"]."'";
$result=mysql_query($sql);
$value=mysql_fetch_array($result);
if($value[$config->field['usergroupid']]!=$config->values['admin']){
	die("Invalid Userlevel!$redir");
	$users_id_number=$value[$config->field['userid']];
}
?>
